Roles

Overview

UiB is responsible for managing personal information in research and education.
The management at UiB is required by law to keep an overview of projects where personal information is handled, and to carry out an internal control to secure that the law is upheld.
The management at UiB is the system owners of RETTE.

The Data Protection Official at UiB will provide the institution with advice on questions regarding personal information.
The Data Protection Official at UiB shall contribute to make information available at the personal data and privacy gateway and knowledge resources.
The Data Protection Official shall contribute to identify projects that need guidance or a data protection impact assessment (DPIA).

The faculties are responsible to oversee that departments follow up on projects in RETTE.
The Dean appoints the role as to whom is responsible for RETTE at the faculty. The person(s) is/are then registered in RETTE by the Dean.
The faculty’s appointed responsible person(s) for RETTE will, twice a year, confirm that the departments have followed up on their projects in RETTE.

The institute must make sure that supervisors and researchers have the necessary skills and training regarding research practices.
The institute must make sure that projects in RETTE, that is connected to the institute, is being followed up in regard to correct registration, or any follow-ups by the data protection official or NSD.
The institute manager appoints the role as to whom is responsible for RETTE at the institute. The person(s) is/are registered in RETTE by the institute manger.
The institute’s appointed responsible person(s) for RETTE will, twice a year, confirm that the institutes have followed up on their projects in RETTE.
Depending on the need, there can be one or more people responsible for RETTE at the institute.
The person(s) responsible for RETTE at the institute is/are in charge of identifying which projects that are in need of follow-ups or guidance from the data protection official or NSD.
Regarding problems related to single projects, the person(s) responsible for RETTE at the institute will establish contact with the project manager through RETTE or other ways of communication such as mail.

Skill requirements for the person responsible for RETTE at the institute:

Extensive knowledge of the research practices at UiB.
Basic knowledge about privacy in regards to research and education, to help guide students in processing personal information in projects.
Get to know RETTEs user manual, and be available to answer questions from students and employees regarding the use of RETTE.

The project manager can be a researcher at UiB, a supervisor etc. The person is an employee at UiB.
The project manager is familiar with the research practices at UiB, and will make sure that projects that are processing personal information are registered in RETTE.
The project manager may delegate the registration itself to a student or research fellow, but is responsible that the information about the project in RETTE is correct and up to date.
The project manager must, twice a year, confirm that the information about a project in RETTE is correct and up to date.
The project manager must oversee that personal information is deleted or anonymized after the termination of a project.

Student/research fellow can register a project in RETTE, but must name a project manager that is an employee at UiB.
Beyond registering a project, the student/research fellow take no part in the follow-up of projects.

If the personal data act is breached, all roles are responsible for disclosing the breach at the personal data and privacy gateway at uib.no.

Edit this page